Commit Graph

2605 Commits

Author SHA1 Message Date
Ben McGinnes
a3a08584d6 examples: python howto
* Uses the groups module to prepare a list of recipients and encrypt
  to those.
* The main version (encrypt-to-group.py) tries to check for invalid
  recipients, but still falls back to always trust for the second
  encryption attempt.
* The gullible version doesn't try pruning the recipient list at all,
  it just tries to encrypt and if it fails, switches straight to
  always trust.
* The trustno1 version doesn't use the always trust model at all and
  only attempts pruning the list of invalid recipients.
2018-06-07 15:06:20 +10:00
Werner Koch
2c4c569247
core: Return a better error code on certain decryption failures.
* src/decrypt.c (op_data_t): Add field first_status_error.
(parse_status_error): Set it.
(_gpgme_decrypt_status_handler): Prefer an ERROR code over a
NO_SECKEY.
--

GnuPG-bug-id: 3983
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-06 16:20:27 +02:00
Werner Koch
998fec8a4f
json: Allow to compile with libgpg-error < 1.28
* src/cJSON.c: Use gpgrt fucntion only if available.
--

We have a hack in gpgme-json to allow building with older libgpg-error
versions.  That whole thing will not work but the instead the binary
will print an error at runtime that it needs to be build with a newer
libgcrypt.  There was a little bug here for the Debian packages
libgpg-error versions which failed to build cJSON.  cJSON is only
needed be the full gpgme-json but nevertheless the Makefile wants to
build it.  The fix is straightforward.

GnuPG-bug-id: 3971
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-05 09:40:17 +02:00
Ben McGinnes
897423422b docs: python bindings howto
* Another attempt at fixing the org-mode version.
* A proof reader ascertained there were tabs in it instead of whitespace.
* Stripped the lot out and replaced with standard 4 spaces, fixed
  every incorrect example ... and it still breaks upon save and/or export.
* Added the reference to the mutt-groups.py script to demonstrate the
  groups.py module/code.
2018-06-03 00:46:46 +10:00
Ben McGinnes
e144a6d706 Authors: DCO
* Added mine to the GPGME AUTHORS file.  Mainly so I'm doing what I
  say myself when about to request another from someone ...  ;)
2018-06-02 17:15:40 +10:00
Andre Heinecke
00b027af86
cpp: Add gpgme_(get)set_ctx_flag
* NEWS: Mention API extensions.
* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::setFlag, Context::getFlag): New.
2018-06-01 11:10:45 +02:00
Andre Heinecke
d46768c960
cpp: Add legacy_cipher_nomdc
* lang/cpp/src/decryptionresult.cpp, lang/cpp/src/decryptionresult.h
(DecryptionResult::isLegacyCipherNoMDC): New.

--
2018-06-01 10:58:24 +02:00
Werner Koch
662604c5bc
core: New context flag "ignore-mdc-error".
* src/context.h (gpgme_context): Add field ignore_mdc_error.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Set/get it.
* src/engine-gpg.c (engine_gpg): Add flags.ignore_mdc_error.
(gpg_set_engine_flags): Set it.
(build_argv): Pass option to gpg.
* src/decrypt.c (_gpgme_decrypt_status_handler): Take care of flag.
(gpgme_op_decrypt_result): Clear flag.
(gpgme_op_decrypt): Clear flag.
* src/decrypt-verify.c (gpgme_op_decrypt_verify): Clear flag
(gpgme_op_decrypt_ext): Clear flag.

* tests/run-decrypt.c (show_usage): Add option --ignore-mdc-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 01:29:34 +02:00
Werner Koch
dd19cabe81
core: New decryption result flag 'legacy_cipher_nomdc'.
* src/gpgme.h.in (_gpgme_op_decrypt_result): Add flag
legacy_cipher_nomdc.
* src/decrypt.c (parse_status_error): Set this flag.
* tests/run-decrypt.c (print_result): print it.
(main): Print the result even on error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 01:01:08 +02:00
Werner Koch
e2aa38b56a
core: Remove cruft from the engine-gpg code.
* src/engine-gpg.c (read_status): Remove the handling of
GPGME_STATUS_END_STREAM; this was used only by the former experimental
--pipemode of gpg but that is not even anymore invoked here.
(struct engine_gpg): Remove cmd.linked_data and .linked_idx.
(build_argv): Remove code for linked_data.
(gpg_new): Ditto.
(gpg_set_command_handler): Remove arr linked_data.
* src/engine-backend.h (engine_ops): Remove arg data from
set_command_handler.
* src/engine.c (_gpgme_engine_set_command_handler): Remove arg
linked_data and adjust all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 00:13:53 +02:00
Werner Koch
2219fc19d5
core: Minor cleanup in engine-gpg and -gpgsm.
* src/engine-gpg.c: Remove errno.h.
(build_argv): Use gpg_error_from_syserror instead of ERRNO.
* src/engine-gpgsm.c: Remove errno.h.
(status_handler): Remove check for EINTR; gpgme_data_write already
handles EINTR.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-06-01 00:13:52 +02:00
Andre Heinecke
618aa7f08d
cpp: Add gpgme_data_rewind to cpp API
* lang/cpp/src/data.h, lang/cpp/src/data.cpp (Data::rewind): New.
* lang/qt/tests/t-various.cpp (testDataRewind): Test it.

--
The advantage of this convieniance function in GPGME is that
it avoids the messiness that are declarations with off_t.

GnuPG-Bug-Id: T3996
2018-05-29 09:19:50 +02:00
Werner Koch
77166851f1
json: Fix compiler warning.
* src/gpgme-json.c (op_version): Mark request as unused.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-28 09:58:02 +02:00
Werner Koch
0de991fee0
json: Do not allow to export or delete secret keys.
* src/gpgme-json.c (op_export, op_delete): Return GPG_ERR_FORBIDDEN if
"secret" is used.
--

This should not be possible from a browser and we need to make this
fully clear.  Actually gpg-agent won't allow that anyway but having
this explicitly is better.

If that is ever needed a dedicated command line option may enable
this, for example when used by regular programs and not by the browser.
But that requires other changes as well.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-28 09:56:49 +02:00
Werner Koch
368f2d9db3
json: Fix use of get_context.
* src/gpgme-json.c (create_onetime_context): New.
(release_onetime_context): New.
(op_sign): Use the new fucntions to create a separate context.
(op_encrypt): Use a separate context for key listings.
(create_keylist_patterns): Remove unneeded cast.
--

get_context retruns a static per-process context and can thus not be
used as a separate context.  Use dedicated fucntions for this.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-28 09:53:32 +02:00
Andre Heinecke
7aa00917c7
json: Implement encrypt-sign
* src/gpgme-json.c (op_encrypt): Add optional signing_keys param.
(get_keys, create_keylist_patterns): Add param for json object name.

--
If the optional parameter signing_keys is provided to encrypt
it becomes an encrypt-sign operation.
2018-05-25 15:48:39 +02:00
Andre Heinecke
73dc5e933d
json: Implement delete command
* src/gpgme-json.c (op_delete): New.
(hlp_help, process_request): Add it.

--
As with import / export delete also does not work for
the browser origin.
2018-05-25 15:24:03 +02:00
Andre Heinecke
a1bbe7473a
json: Implement op_export
* src/gpgme-json.c (op_export): New.
(hlp_getmore, process_request): Add it.

--
Secret key export does not work with request-origin browser.
2018-05-25 14:52:51 +02:00
Andre Heinecke
897522527d
json: Fix double ctx alloc
* src/gpgme-json.c (op_keylist): Only get one ctx.
2018-05-25 14:50:59 +02:00
Andre Heinecke
10683b1a91
json: Add guard in create_keylist_patterns
* src/gpgme-json.c (create_keylist_patterns): Guard against
a string ending with a linbreak.
2018-05-25 14:50:20 +02:00
Andre Heinecke
1ff16dad59
json: Implement import operation
* src/gpgme-json.c (op_import): New.
(import_status_to_json, import_result_to_json): New.
(hlp_help, process_request): Add import.
2018-05-25 14:19:41 +02:00
Andre Heinecke
fe06929dee
json: Improve keylist help
* src/gpgme-json.c (hlp_keylist): Clarify doc about keys parameter.
2018-05-25 13:09:34 +02:00
Andre Heinecke
10724e363d
json: Fix keylist pattern handling
* src/gpgme-json.c (xfree_array): New helper.
(create_keylist_patterns): Convert keystring to gpgme patterns.
(op_sign, op_keylist): Use it.
2018-05-25 13:06:44 +02:00
Andre Heinecke
ed20936ce4
json: Add additional commands to help
* src/gpgme-json.c (hlp_help): Add additional commands.
2018-05-25 12:22:37 +02:00
Andre Heinecke
aa59f4970a
json: Refactor signature and ei code
* src/gpgme-json.c (add_summary_to_object): Changed to:
sigsum_to_json.
(add_signature_to_object): Changed to signature_to_json.
(add_signatures_to_object): Changed to verify_result_to_json.
(add_ei_to_object): Changed to engine_info_to_json.
(op_decrypt, op_verify, op_version): Use new functions.

--
This pattern of gpgme_type to json object conversion
is much cleaner then the error returning "add to object"
functions.
2018-05-25 12:17:46 +02:00
Andre Heinecke
546e3295ea
json: Implement keylist
* src/gpgme-json.c (xjson_AddStringToObject0)
(xjson_AddItemToObject): New helpers.
(sig_notation_to_json, key_sig_to_json, tofu_to_json)
(uid_to_json, subkey_to_json, key_to_json): New
GPGME to JSON functions.
(op_keylist): New.
(process_request): Add op_keylist.

--
The conversion from GPGME data structures to
JSON follow the same pattern for the keylist
functions using the xjson wrappers instead
of error checking every cJSON call.

For large keylists the keylist command also
needs a data / getmore handling somehow.
2018-05-25 11:56:32 +02:00
Andre Heinecke
a46c27b321
json: Deduplicate input handling code
* gpgme-json.c (get_string_data): New.
(op_verify, op_sign, op_decrypt, op_encrypt): Use it.

--
This handles the common base64 decoding and creation of the
gpgme_data object.
2018-05-25 11:56:32 +02:00
Ben McGinnes
321005c12f examples: mutt crypt-hooks generator
* Added a script which demonstrates how the groups module works.
* Script generates Mutt/Neomutt crypt-hooks for every group entry in
  gpg.conf, including those entries for multiple keys (Mutt handles
  that differently).
2018-05-25 07:12:52 +10:00
Ben McGinnes
48e946a96d docs: python bindings howto
* Fixed the groups.py script so it really does what is described (the
  old code had the same result for groups, group_lines and
  group_lists).
* Updated the corresponding example in the doc to match.
2018-05-25 05:50:11 +10:00
Ben McGinnes
9038d30017 doc: python bindings howto
* Fixed org-mode python source indenting.
** Note: nested indented blocks do not indent correctly when exported
   to [X]HTML.
2018-05-25 05:50:11 +10:00
Andre Heinecke
9fca7c8406
json: Add code to gpg_error based messages
* src/gpgme-json.c (gpg_error_object): New.
(error_object_v): Extend to take error.

--
Having the error code is helpful, especially as
the strerrors are localized. E.g. to detect
an ERROR_CANCELED.
2018-05-24 16:35:42 +02:00
Andre Heinecke
61f4532ba9
json: Implement op_version
* src/gpgme-json.c (op_version): New.
(process_request): Extend for version.
(protocol_to_string, add_ei_to_object): New helpers.
2018-05-24 16:15:14 +02:00
Andre Heinecke
5fbf81c18b
json: Implement op_verify
* src/gpgme-json.c (op_verify): New.
(hlp_help): Add verify.
(process_request): Add verify.

--
Mostly works, except for detached, base64 encoded signatures,
they are somehow not yet written to gpgme.
2018-05-24 16:14:54 +02:00
Andre Heinecke
c679ed2477
json: Put signature info before data output
* src/gpgme-json.c (op_decrypt): Move info before data.

--
This should enable it to first parse signatures before
handling very large chunks of data.
2018-05-24 13:36:31 +02:00
Andre Heinecke
a6cd3a1197
json: Add sign to help
* src/gpgme-json.c (hlp_help): Add sign.
2018-05-24 13:31:15 +02:00
Andre Heinecke
1c0a55a608
json: Add op_sign
* src/gpgme-json.c (op_sign): New.
2018-05-24 13:29:23 +02:00
Andre Heinecke
b344933e4c
json: Fix invalid function call
* src/gpgme-json.c (add_signatures_to_object): Fix call to
xjson_CreateArray.

--
That is what happens if you edit code while reviewing changes,
without testing it again,..
2018-05-24 13:16:55 +02:00
Andre Heinecke
45036c3c4c
json: Print signatures for decrypt/verify
* gpgme-json.c (xJSON_CreateArray),
(add_summary_to_object, validity_to_string): New helpers.
(add_signature_to_object, add_signatures_to_object)
(add_signatures_object): New.
(op_decrypt): Handle verify_result.
(hlp_help): Mention decrypt.
2018-05-24 12:37:29 +02:00
Andre Heinecke
fd5e14660a
json: Minor typo fixes
* src/gpgme-json.c: Minor typo fixes.
2018-05-24 10:26:41 +02:00
Ben McGinnes
3a9e6a8e08 docs and examples: python howto
* Updated the decryption example code in the HOWTO and the
  corresponding decrypt-file.py script to gracefully handle a
  decryption failure.  This error will always be triggered when GPGME
  is used to try to decrypt an old, MDC-less encrypted message or
  file.
2018-05-23 14:43:06 +10:00
Andre Heinecke
28e3778ce2
cpp: Expose sessionKey and symkeyAlgo
* lang/cpp/decryptionresult.cpp, lang/cpp/decryptionresult.h
(DecryptionResult::symkeyAlgo, DecryptionResult::sessionKey): New.
2018-05-22 12:08:01 +02:00
Andre Heinecke
e04b8142df
core, w32: Add w64 handling for regkeys
* src/w32-util.c (_gpgme_get_gpg_path): Use new defines.
(GNUPG_REGKEY_2): x64 aware regkey as used by GnuPG in Gpg4win 2.x
(GNUPG_REGKEY_3): x64 aware regkey as used by GnuPG in Gpg4win 3.x
(_gpgme_get_gpgconf_path): Use new regkeys. Add another fallback.

--
This should fix more "unsupported protocol" issues if Gpg4win /
GnuPG is installed in a non standard path on 64bit systems.

The regkey handling is similar to that of gpgex and gpgol.

GnuPG-Bug-Id: T3988
2018-05-17 17:46:12 +02:00
Werner Koch
8a0c8c5251
core: Always fail if an OpenPG message is not integrity protected.
* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this.  Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--

This extra check makes sure that a missing or stripped MDC in
 - gpg < 2.1
 - or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure.  gpg 2.3 will always fail in this
case.  Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.

Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered.  If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.

GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-17 09:16:05 +02:00
Werner Koch
e54b110aec
json: Improve auto-base64 encoding to not split UTF-8 chars.
* src/gpgme-json.c (make_data_object): Switch to Base64 also for UTF-8
characters.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-09 16:41:05 +02:00
Werner Koch
e2a8a87bf9
core: Make the status-fd monitor work for all gpgsm commands.
* src/engine-gpgsm.c (status_handler): Call the status monitor also
here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-09 16:39:30 +02:00
Ben McGinnes
46da79e3de python: key expiration datetime stamp tests
* Changed the expiration date for the generated test key to NYE this
  century, rather than the NYE this millennium as originally suggested
  in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
  healthy millennials) as well as the 32-bit clock end date in 2038;
  without falling foul of OpenPGP's 2106 expiration.
2018-05-05 12:27:17 +10:00
Andre Heinecke
26820ba629
qt: Respect --disable-gpg-test for tests
* lang/qt/Makefile.am: Respect --disable-gpg-test

--
This is similar to the core switch to disable the tests.
2018-05-04 10:03:42 +02:00
Andre Heinecke
6b267c56fd
qt: Fix filename handling in cryptoconfig
* src/qgpgmenewcryptoconfig.cpp (QGpgMENewCryptoConfigEntry::urlValue):
Build url from local file.
(QGpgMENewCryptoConfigEntry::setURLValue): Set native seperated
path.

--
This fixes setting files through cryptoconfig on Windows.
GnuPG-Bug-Id: T3939
2018-04-26 14:11:19 +02:00
Andre Heinecke
7706fa2c92
core: Do not modify args for ignored failures
* src/op-support.c (_gpgme_parse_failure): Ignore gpg-exit failures
before modifying args.

--
For op_decrypt_verify the status handler for both decrypt and
verify would parse the failure when the first parser ignored
the failure. This resulted in an ERR_INV_ENGINE as the first
call to parse_failure modified the args.

GnuPG-Bug-Id: T3919
2018-04-20 14:30:53 +02:00
Werner Koch
302ec1f9aa
Post release updates
--
2018-04-20 10:41:38 +02:00